diff options
Diffstat (limited to 'docs/html/security.html')
| -rw-r--r-- | docs/html/security.html | 686 |
1 files changed, 0 insertions, 686 deletions
diff --git a/docs/html/security.html b/docs/html/security.html deleted file mode 100644 index 4bf56506e..000000000 --- a/docs/html/security.html +++ /dev/null @@ -1,686 +0,0 @@ -<HTML -><HEAD -><TITLE ->Bugzilla Security</TITLE -><META -NAME="GENERATOR" -CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ -"><LINK -REL="HOME" -TITLE="The Bugzilla Guide - 2.17.5 - Development Release" -HREF="index.html"><LINK -REL="UP" -TITLE="Installation" -HREF="installation.html"><LINK -REL="PREVIOUS" -TITLE="OS Specific Installation Notes" -HREF="os-specific.html"><LINK -REL="NEXT" -TITLE="Troubleshooting" -HREF="troubleshooting.html"></HEAD -><BODY -CLASS="section" -BGCOLOR="#FFFFFF" -TEXT="#000000" -LINK="#0000FF" -VLINK="#840084" -ALINK="#0000FF" -><DIV -CLASS="NAVHEADER" -><TABLE -SUMMARY="Header navigation table" -WIDTH="100%" -BORDER="0" -CELLPADDING="0" -CELLSPACING="0" -><TR -><TH -COLSPAN="3" -ALIGN="center" ->The Bugzilla Guide - 2.17.5 - Development Release</TH -></TR -><TR -><TD -WIDTH="10%" -ALIGN="left" -VALIGN="bottom" -><A -HREF="os-specific.html" -ACCESSKEY="P" ->Prev</A -></TD -><TD -WIDTH="80%" -ALIGN="center" -VALIGN="bottom" ->Chapter 4. Installation</TD -><TD -WIDTH="10%" -ALIGN="right" -VALIGN="bottom" -><A -HREF="troubleshooting.html" -ACCESSKEY="N" ->Next</A -></TD -></TR -></TABLE -><HR -ALIGN="LEFT" -WIDTH="100%"></DIV -><DIV -CLASS="section" -><H1 -CLASS="section" -><A -NAME="security" -></A ->4.5. Bugzilla Security</H1 -><DIV -CLASS="warning" -><P -></P -><TABLE -CLASS="warning" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="../images/warning.gif" -HSPACE="5" -ALT="Warning"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->Poorly-configured MySQL and Bugzilla installations have - given attackers full access to systems in the past. Please take these - guidelines seriously, even for Bugzilla machines hidden away behind - your firewall. 80% of all computer trespassers are insiders, not - anonymous crackers.</P -><P ->This is not meant to be a comprehensive list of every possible - security issue pertaining to the software mentioned in this section. - There is - no subsitute for reading the information written by the authors of any - software running on your system. - </P -></TD -></TR -></TABLE -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="security-networking" -></A ->4.5.1. TCP/IP Ports</H2 -><P ->TCP/IP defines 65,000 some ports for trafic. Of those, Bugzilla - only needs 1, or 2 if you need to use features that require e-mail such - as bug moving or the e-mail interface from contrib. You should audit - your server and make sure that you aren't listening on any ports you - don't need to be. You may also wish to use some kind of firewall - software to be sure that trafic can only be recieved on ports you - specify. - </P -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="security-mysql" -></A ->4.5.2. MySQL</H2 -><P ->MySQL ships by default with many settings that should be changed. - By defaults it allows anybody to connect from localhost without a - password and have full administrative capabilities. It also defaults to - not have a root password (this is <EM ->not</EM -> the same as - the system root). Also, many installations default to running - <SPAN -CLASS="application" ->mysqld</SPAN -> as the system root. - </P -><P -></P -><OL -TYPE="1" -><LI -><P ->Consult the documentation that came with your system for - information on making <SPAN -CLASS="application" ->mysqld</SPAN -> run as an - unprivleged user. - </P -></LI -><LI -><P ->You should also be sure to disable the anonymous user account - and set a password for the root user. This is accomplished using the - following commands: - </P -><TABLE -BORDER="0" -BGCOLOR="#E0E0E0" -WIDTH="100%" -><TR -><TD -><FONT -COLOR="#000000" -><PRE -CLASS="programlisting" -> <TT -CLASS="prompt" ->bash$</TT -> mysql mysql -<TT -CLASS="prompt" ->mysql></TT -> DELETE FROM user WHERE user = ''; -<TT -CLASS="prompt" ->mysql></TT -> UPDATE user SET password = password('<TT -CLASS="replaceable" -><I ->new_password</I -></TT ->') WHERE user = 'root'; -<TT -CLASS="prompt" ->mysql></TT -> FLUSH PRIVILEGES; - </PRE -></FONT -></TD -></TR -></TABLE -><P ->From this point forward you will need to use - <B -CLASS="command" ->mysql -u root -p</B -> and enter - <TT -CLASS="replaceable" -><I ->new_password</I -></TT -> when prompted when using the - mysql client. - </P -></LI -><LI -><P ->If you run MySQL on the same machine as your httpd server, you - should consider disabling networking from within MySQL by adding - the following to your <TT -CLASS="filename" ->/etc/my.conf</TT ->: - </P -><TABLE -BORDER="0" -BGCOLOR="#E0E0E0" -WIDTH="100%" -><TR -><TD -><FONT -COLOR="#000000" -><PRE -CLASS="programlisting" -> [myslqd] -# Prevent network access to MySQL. -skip-networking - </PRE -></FONT -></TD -></TR -></TABLE -></LI -><LI -><P ->You may also consider running MySQL, or even all of Bugzilla - in a chroot jail; however, instructions for doing that are beyond - the scope of this document. - </P -></LI -></OL -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="security-daemon" -></A ->4.5.3. Daemon Accounts</H2 -><P ->Many daemons, such as Apache's httpd and MySQL's mysqld default to - running as either <SPAN -CLASS="QUOTE" ->"root"</SPAN -> or <SPAN -CLASS="QUOTE" ->"nobody"</SPAN ->. Running - as <SPAN -CLASS="QUOTE" ->"root"</SPAN -> introduces obvious security problems, but the - problems introduced by running everything as <SPAN -CLASS="QUOTE" ->"nobody"</SPAN -> may - not be so obvious. Basically, if you're running every daemon as - <SPAN -CLASS="QUOTE" ->"nobody"</SPAN -> and one of them gets compromised, they all get - compromised. For this reason it is recommended that you create a user - account for each daemon. - </P -><DIV -CLASS="note" -><P -></P -><TABLE -CLASS="note" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="../images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->You will need to set the <TT -CLASS="varname" ->webservergroup</TT -> to - the group you created for your webserver to run as in - <TT -CLASS="filename" ->localconfig</TT ->. This will allow - <B -CLASS="command" ->./checksetup.pl</B -> to better adjust the file - permissions on your Bugzilla install so as to not require making - anything world-writable. - </P -></TD -></TR -></TABLE -></DIV -></DIV -><DIV -CLASS="section" -><H2 -CLASS="section" -><A -NAME="security-access" -></A ->4.5.4. Web Server Access Controls</H2 -><P ->There are many files that are placed in the Bugzilla directory - area that should not be accessable from the web. Because of the way - Bugzilla is currently laid out, the list of what should and should - not be accessible is rather complicated. - </P -><P ->Users of Apache don't need to worry about this, however, because - Bugzilla ships with .htaccess files which restrict access to all the - sensitive files in this section. Users of other webservers, read on. - </P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->In the main Bugzilla directory, you should:</P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->Block: - <TT -CLASS="filename" ->*.pl</TT ->, <TT -CLASS="filename" ->*localconfig*</TT ->, <TT -CLASS="filename" ->runtests.sh</TT -> - </P -></LI -><LI -><P ->But allow: - <TT -CLASS="filename" ->localconfig.js</TT ->, <TT -CLASS="filename" ->localconfig.rdf</TT -> - </P -></LI -></UL -></LI -><LI -><P ->In <TT -CLASS="filename" ->data</TT ->:</P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->Block everything</P -></LI -><LI -><P ->But allow: - <TT -CLASS="filename" ->duplicates.rdf</TT -> - </P -></LI -></UL -></LI -><LI -><P ->In <TT -CLASS="filename" ->data/webdot</TT ->:</P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->If you use a remote webdot server:</P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->Block everything</P -></LI -><LI -><P ->But allow - <TT -CLASS="filename" ->*.dot</TT -> - only for the remote webdot server</P -></LI -></UL -></LI -><LI -><P ->Otherwise, if you use a local GraphViz:</P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->Block everything</P -></LI -><LI -><P ->But allow: - <TT -CLASS="filename" ->*.png</TT ->, <TT -CLASS="filename" ->*.gif</TT ->, <TT -CLASS="filename" ->*.jpg</TT ->, <TT -CLASS="filename" ->*.map</TT -> - </P -></LI -></UL -></LI -><LI -><P ->And if you don't use any dot:</P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->Block everything</P -></LI -></UL -></LI -></UL -></LI -><LI -><P ->In <TT -CLASS="filename" ->Bugzilla</TT ->:</P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->Block everything</P -></LI -></UL -></LI -><LI -><P ->In <TT -CLASS="filename" ->template</TT ->:</P -><P -></P -><UL -COMPACT="COMPACT" -><LI -><P ->Block everything</P -></LI -></UL -></LI -></UL -><P ->You should test to make sure that the files mentioned above are - not accessible from the Internet, especially your - <TT -CLASS="filename" ->localconfig</TT -> file which contains your database - password. To test, simply point your web browser at the file; for - example, to test mozilla.org's installation, we'd try to access - <A -HREF="http://bugzilla.mozilla.org/localconfig" -TARGET="_top" ->http://bugzilla.mozilla.org/localconfig</A ->. You should - get a <SPAN -CLASS="errorcode" ->403</SPAN -> <SPAN -CLASS="errorname" ->Forbidden</SPAN -> - error. - </P -><DIV -CLASS="caution" -><P -></P -><TABLE -CLASS="caution" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="../images/caution.gif" -HSPACE="5" -ALT="Caution"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->Not following the instructions in this section, including - testing, may result in sensitive information being globally - accessible. - </P -></TD -></TR -></TABLE -></DIV -><DIV -CLASS="tip" -><P -></P -><TABLE -CLASS="tip" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="../images/tip.gif" -HSPACE="5" -ALT="Tip"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->You should check <A -HREF="http.html" ->Section 4.2</A -> to see if instructions - have been included for your web server. You should also compare those - instructions with this list to make sure everything is properly - accounted for. - </P -></TD -></TR -></TABLE -></DIV -></DIV -></DIV -><DIV -CLASS="NAVFOOTER" -><HR -ALIGN="LEFT" -WIDTH="100%"><TABLE -SUMMARY="Footer navigation table" -WIDTH="100%" -BORDER="0" -CELLPADDING="0" -CELLSPACING="0" -><TR -><TD -WIDTH="33%" -ALIGN="left" -VALIGN="top" -><A -HREF="os-specific.html" -ACCESSKEY="P" ->Prev</A -></TD -><TD -WIDTH="34%" -ALIGN="center" -VALIGN="top" -><A -HREF="index.html" -ACCESSKEY="H" ->Home</A -></TD -><TD -WIDTH="33%" -ALIGN="right" -VALIGN="top" -><A -HREF="troubleshooting.html" -ACCESSKEY="N" ->Next</A -></TD -></TR -><TR -><TD -WIDTH="33%" -ALIGN="left" -VALIGN="top" ->OS Specific Installation Notes</TD -><TD -WIDTH="34%" -ALIGN="center" -VALIGN="top" -><A -HREF="installation.html" -ACCESSKEY="U" ->Up</A -></TD -><TD -WIDTH="33%" -ALIGN="right" -VALIGN="top" ->Troubleshooting</TD -></TR -></TABLE -></DIV -></BODY -></HTML ->
\ No newline at end of file |